kafka-sink Sonarqube is reporting CVE-2018-17196 (8.8) CVE-2020-13946 (5.9) on kafka-connect-cassandra-sink-1.4.0.jar

Sonarqube is reporting CVE-2018-17196 (8.8) CVE-2020-13946 (5.9) on kafka-connect-cassandra-sink-1.4.0.jar

Open adithyagokhale opened this issue 3 years ago • 0 comments

Hello,

As part of the Sonarcube vulnerability scan, its reporting following Critical issue.

I see 1.4.0 is the latest version we have. How do we solve this ? Can you help ?

May 05 '22 12:05 adithyagokhale